Lifting the cyber security of the Internet of Things: voluntary Code of Practice

Release details

Release type

Related ministers and contacts


Senator the Hon Linda Reynolds CSC

Minister for Defence


The Hon Peter Dutton MP

Minister for Home Affairs


Media contacts

  Minister Dutton’s Office – 02 6277 7860, Minister Reynolds’ Office – 02 6277 7800.

Release content

3 September 2020

Joint media release

  • Minister for Home Affairs, the Hon Peter Dutton MP

 

The Morrison Government has today released a voluntary Code of Practice to improve the security of the Internet of Things (IoT) in Australia – including everyday devices such as smart fridges, smart televisions, baby monitors and security cameras.

Minister for Home Affairs Peter Dutton said cyber security has never been more important to Australia’s economic prosperity.

“Internet-connected devices are increasingly part of Australian homes and businesses and many of these devices have poor security features that expose owners to compromise,” Mr Dutton said.

“Manufacturers should be developing these devices with security built in by design.

“Australians should be considering security features when purchasing these devices to protect themselves against unsolicited access by cybercriminals.”

Minister for Defence Senator the Hon Linda Reynolds CSC said the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has today also released quick and easy tips to help Australian consumers protect themselves against cyber threats when buying and using internet-connected devices.

“Boosting the security and integrity of internet connected devices is critical to ensuring that the benefits and conveniences they provide can be enjoyed without falling victim to cybercriminals,” Minister Reynolds said.

When purchasing and setting up an IoT device, some of the questions families and businesses should ask are:

  1. Is the device made by a well-known reputable company and sold by a well-known reputable company?
  2. Is it possible to change the password?
  3. Does the manufacturer provide updates?
  4. What data will the device collect and who will the data be shared with?

The ACSC has also produced guidance for manufacturers on how to implement the loT Code of Practice.

The Code of Practice is a key deliverable as part of the 2020 Cyber Security Strategy and has been developed in close partnership with industry following nation-wide consultation earlier this year. It outlines the cyber security features the Government expects of internet-connected devices available in Australia.

The Code of Practice also aligns and builds upon guidance provided by the United Kingdom, and is consistent with other international standards.

The Australian Government will continue to explore further initiatives for lifting the security of the Internet of Things and making Australia the safest place to connect online.

A copy of the Code of Practice is available at www.homeaffairs.gov.au/codeofpractice

The ACSC’s Tips to secure your Internet of Things device is available at www.cyber.gov.au/acsc/view-all-content/advice/internet-things-devices

The ACSC’s guidance for manufacturers is available at www.cyber.gov.au/acsc/view-all-content/publications/how-implement-iot-code-practice-guidance-manufacturers

Other related releases